Cyber Intelligence Weekly

Cyber Intelligence Weekly (April 9, 2023): Our Take on Three Things You Need to Know

Welcome to our weekly newsletter where we share some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the future of cybersecurity!

To receive these and other curated updates to your inbox on a regular basis, please sign up for our email list here: https://echeloncyber.com/ciw-subscribe

Also, we are always looking for great people to join our team. If you know anyone who fits the profiles for any of our open positions, drop me a line and let me know!

Before we get started on this week’s CIW, I’d like to highlight that on April 19th, The Cyber Breakfast Club (DC) will host a panel discussion on insider threat, featuring expert insights from both commercial and government sectors. Matt Donato and Nicholas Bakewell will host the discussion, and the esteemed panelists Mark Freedman, Stacey Champagne, Jess Vachon, and Brett Mencin will share their experiences and knowledge about building a program that fits your organization.

Join us for an in-depth discussion on the challenges that insider threat poses for security leaders, including breakdowns in communication and an over-reliance on software tools. We'll also examine emerging trends that make insider threats more relevant than ever before, such as remote work and increased espionage targeting private companies.

Don't miss out on this opportunity to learn from the experts and network with fellow professionals. Register now to attend the Cyber Breakfast Club's panel discussion on insider threat. See you there!

Away we go!

1. U.S. Justice Department and International Partners Shut Down Genesis Market

Chalk one up for the good guys!

In a huge win for cyber crime fighters, the U.S. Justice Department recently announced that it led a coordinated worldwide operation to shut the doors on the infamous Genesis Market, a nefarious internet marketplace that advertised and sold vast swaths of personal data and was most notorious for hacked credentials and digital browser fingerprints. Account access credentials for the financial industry, vital infrastructure, and federal, state, and local government organizations were among those offered for sale on Genesis Market. Genesis Market was also one of the most active initial access brokers (IABs) out there. IABs attract hackers seeking a simple way to access a victim's computer network.

Some 120 people were detained as part of "Operation Cookie Monster," which included hundreds of worldwide searches. Two men, who are being held on suspicion of fraud and computer abuse, were among the 19 suspected site users who were detained, according to the National Crime Agency of the United Kingdom. All told, the FBI has identified about 59,000 users on the now-defunct marketplace.

According to the FBI, Genesis Market provided stolen information from more than 1.5 million infected computers around the world that contained more than 80 million account credentials. The FBI estimates that Genesis made at least $8.7 million from selling credentials that were stolen, while the total amount of losses has not yet been calculated. However, the FBI also stated that the total amount of losses is likely to be in the tens of millions of dollars or more. There have been millions of financially driven cyber incidents worldwide that have been attributed to the now-defunct market.

The website Have I Been Pwned, a free tool for consumers to rapidly determine whether their access credentials have been compromised (or "pwned") in a data breach or other activity, has been fed victim credentials gathered through the FBI seizure. To determine whether their passwords and other authentication credentials may have been compromised by Genesis Market, victims can check HaveIBeenPwned.com.

2. Italian Regulators Crack Down on ChatGPT Over Data Privacy Concerns

Italian privacy regulators recently imposed an immediate temporary limitation on the processing of Italian users’ data by ChatGPT and OpenAI. An inquiry into the facts of the case has been initiated as well.

The Italian Data Protection Authority (DPA) says that OpenAI lacks a legitimate reason to collect consumers' personal information. The DPA also claims that OpenAI lacks a method to prevent children from using the service, which "exposes minors to replies that are wholly inappropriate given their level of development and self-awareness."

It is clear that ChatGPT is quickly evolving and regulatory bodies like this one will struggle to keep pace with the speed of this evolution. The Italian DPA trying to hit the pause button while they figure this out is a good example of this.

3. TMX Finance Customers' Personal Data Stolen in Major Security Breach

Sorry to end the newsletter on a sour note, but here is some not-so-fun news: TMX Finance, a consumer loan company that operates under the brands TitleMax, TitleBucks and InstaLoan, has suffered a massive data breach. This breach reportedly affects over 4.8 million individuals. The breach happened between February 3 and February 14, 2023, but the attackers had already infiltrated the company's systems as early as December 2022.

The stolen personal data includes a bunch of sensitive data points, like names, addresses, phone numbers, email addresses, birth dates, driver's license and passport numbers, Social Security numbers, tax identification numbers, and financial account details. Yikes, that's a lot of information for cybercriminals to exploit.

TMX Finance is trying to stay on top of things, noting that they've rotated all employee passwords and are keeping a close eye on their network for any signs of suspicious activity. They've also alerted law enforcement, although they haven't disclosed how the bad guys got in. TMX, however, is already facing a class action lawsuit due to this breach.

Thanks for reading!

About us: Echelon is a full-service cybersecurity consultancy that offers holistic cybersecurity program building through vCISO or more specific solutions like penetration testing, red teaming, security engineering, cybersecurity compliance, and much more! Learn more about Echelon here: https://echeloncyber.com/about
